Making IT simpler with a modern workplace

By Brad Anderson, Corporate Vice President for Microsoft 365, on April 27, 2018November 2, 2018

There is a simple way to explain one of the biggest threats to any organization’s infrastructure. It’s just one word: complexity.

Complexity is the absolute enemy of security and productivity. The simpler you can make your productivity and security solutions, the easier it will be for IT to manage and secure—making the user experience that much more elegant and useful. We’ve learned from building and running over 200 global cloud services that a truly modern and truly secure service is a simple one.

Microsoft 365 is built to help you solve this problem of complexity so that you can simplify. But let me be clear, simpler doesn’t mean less robust or less capable.

From thousands of conversations with customers, we heard clearly how important it is for IT to simplify the way it enables users across PCs, mobile devices, cloud services, and on-premises apps. Microsoft 365 provides that all with an integrated solution that’s simpler, yet also more powerful and intelligent.

Because the way you work and do business is so important to us, our work will never be done—we will constantly innovate, improve, and discover new and better ways to help your organization do more. Today, I am excited to announce some new capabilities and updates coming soon to Microsoft 365, including:

Each of these new capabilities will allow you to simplify your modern workplace, which means delighting and empowering your users, while enabling IT to protect and secure the corporate assets.

Time for a modern desktop

What do I mean by a “modern desktop?”

A modern desktop is powered by Windows 10 and Office 365 ProPlus and is always up to date with insights and security powered by the cloud. After years of refinements, we believe this is the most productive and secure computing experience for businesses. Not only does it provide the richest user experience, it also helps IT better manage devices and data, with lower costs.

Today, we are making two announcements about enhancements we’ve delivered for managing modern desktops:

Delivery Optimization allows for one device to download an update and then use the local network to deliver that update to peers. This significantly reduces bandwidth (by as much as 90 percent) and that results in a much better experience for everyone on the network.

With the Windows 10 April 2018 Update, you will be able to monitor Delivery Optimization Status using Windows Analytics—including how many devices are enabled and the bandwidth savings you’ve achieved.

Delivery Optimization Status using Windows Analytics.

Second, recently we announced the Readiness Toolkit for Office (RTO), which helps with your Office VBA, Macro, and add-in compatibility. The Application Health Analyzer (AHA) tool, which can assess the dependencies of your internally developed apps and help you ensure they remain compatible with Windows 10 updates, will be available in public preview in the coming months.

ConfigMgr also plays an important part in how so many of you manage the servicing process. In fact, I am excited to share that this week we hit a new milestone of 115 million devices under management by ConfigMgr! The recent 1802 release of ConfigMgr will add the ability for you to execute phased deployment rings. This will further automate the servicing of Windows 10 and Office 365 ProPlus by updating IT-defined groups one at a time, and automatically initiating the next group once the health of the first deployment is confirmed.

We recognize, however, that organizations are in various stages of transition to the cloud. To support customers who are not fully ready to move to the cloud in the near future, we will release Office 2019 in the second half of 2018. Commercial previews of the Office 2019 applications on Windows 10 are available starting today.

Finally, in February we shared there are just two years before the end of extended support for Windows 7 and Office 2010 (January and October 2020, respectively). There has never been a better time than now to plan and accelerate your transition and upgrade to a modern desktop experience with Microsoft 365.

Solutions for Firstline Workers and kiosks

Whether for customers in your lobby or for your Firstline Workers, Windows kiosk devices often are the first representation of your organization’s brands, products, or services. IT needs a simpler process to configure and manage these devices for both Firstline Workers and customer-facing kiosks.

Today, we are extending the assigned access capabilities for Windows 10, so you can easily deploy and manage kiosk devices with Microsoft Intune for your single or multiple app scenarios. This includes the new Kiosk Browser that will be available from the Microsoft Store. Kiosk Browser is great for delivering a reliable and custom-tailored browsing experience for scenarios such as retail and signage.

Kiosk Browser available from the Microsoft Store.

Over the next year, we will add additional capabilities to help you streamline kiosk deployment and keep them in a pristine state for a reliable Firstline Worker experience. You can learn more about these investments in the Windows IT Pro blog.

Kiosks and Firstline Worker devices are most secure, resilient, and performant when deployed with Windows 10 in S mode. With the Windows 10 April 2018 Update, Windows 10 Enterprise can be configured in S mode, so organizations can deploy both Credential Guard and Application Guard, and benefit from centralized management of the Microsoft Store, Cortana, and more. All of this is available with a Microsoft 365 subscription.

In addition, we are also simplifying our licensing to add the Office mobile apps for iOS and Android to Office 365 E1, F1, and Business Essential licenses. With this change, all users licensed for Microsoft 365 and Office 365, including Firstline Workers, will be able to use the Office mobile apps and be productive on the go. Outlook for iOS and Android is available to users now. Word, PowerPoint, Excel, and OneNote mobile apps will be available over the next few months.

Streamline device management at lower costs

Modern management promises to dramatically reduce and simplify the process of managing desktop images, saving valuable time and money.

Windows AutoPilot is a key part of the flexible device management approach needed in a modern workplace. It’s as simple as taking a new device from the box, powering it on, entering your credentials, and sitting back while it is configured and managed from the cloud with minimal user or IT effort. With no management of images!

Starting with the Windows 10 April 2018 Update, Windows AutoPilot now includes an enrollment status page. This page enables you to ensure policies, settings, and apps can be provisioned on the device during that out-of-box experience before the user gets to the desktop and begins interacting with the device. Now IT can ensure every device is compliant and secure before it is used.

Windows AutoPilot enrollment status page.

Lenovo announced that they are the first Microsoft OEM PC partner to have direct integration with the Windows AutoPilot deployment service. They are ramping up to worldwide availability and working with early pilot customers. Dell is also now shipping PCs with Windows AutoPilot to customers in the U.S. and select countries and can enroll devices on behalf of customers in the factory for provisioning. HP, Toshiba, Panasonic, and Fujitsu remain committed to bringing seamless deployments of Windows 10 to customers through Windows AutoPilot on their respective PCs in the fall.

Windows AutoPilot is an absolute gamechanger. I urge you to spend some time learning more about how it can simplify your deployments, reduce the massive amount of time and money you spend provisioning hardware, and, of course, your users are going to love the simplicity.

An integrated administration experience

Our vision for the cloud services we build is to help simplify your work with a unified and intuitive management experience that spans your users, devices, apps, and services.

Back in March, we took a major step in this direction by announcing the Microsoft 365 admin center as the common management entry point for your entire Microsoft 365 implementation. Today, we are expanding this integrated and intuitive admin experience to Office 365 users.

The Microsoft 365 admin center.

Users of both Office 365 and Microsoft 365 will now have access to the same admin center with the same capabilities. For Office 365 users, this means a simpler admin experience that easily integrates with your other Microsoft services—all without giving up any capabilities or control.

If you want to manage Microsoft 365, you can now simply go to admin.microsoft.com. Previously, IT pros who were managing Microsoft 365 had to go to multiple consoles. Not any longer!

Compliance that’s built-in

The complexity and difficulty of managing compliance can be overwhelming, especially for larger organizations. We updated Microsoft 365 to include built-in and continuously updated capabilities that help with regulations that govern archiving, retention, disposition, classification, and discovery of data. These new features will really help reduce the complexity of executing compliance workflows.

The Microsoft 365 Security & Compliance Center is the central place that’s integrated with Azure Active Directory, Microsoft Exchange, SharePoint, and Teams—and it allows you to import data for retention and content discovery, as well as across cloud services.

The Microsoft 365 Security & Compliance Center.

We’ve recently added several new capabilities to the Security & Compliance Center, including:

A new Data Privacy tab that gives you the ability to execute Data Subject Requests as part of the fulfillment requirements for the General Data Protection Regulation (GDPR).

Privileged Access Management that allows you to prevent standing admin privilege by providing just-in-time access for admin roles and tasks in Microsoft 365.

Multi-Geo Capabilities in Microsoft 365 that give you control over where your data resides at a per-user level based on your global data location and compliance needs.

New Advanced Data Governance controls for event-based retention and disposition.

In addition to the Security & Compliance Center, each of the apps in Microsoft 365 supports the compliance levels you need. The latest application to join this list is Microsoft Forms, a simple app for creating surveys, quizzes, and polls. Used by more than three million users in education, thanks to customer demand, Forms was brought to commercial preview last year. Now, having received SOC compliance, and after feedback from 50,000+ companies during the preview, Forms is enterprise ready and generally available to all commercial customers. To learn more, visit the Forms Tech Community.

Simplifying your IT

I am really excited about the capabilities we are delivering today. These updates are going to positively impact the way you use Microsoft 365 across desktops, devices, services, and compliance—and you will tangibly see those benefits across the countless things your IT organization manages.

Here are a handful of things you can do right now to begin to simplify your IT management:

Plan for Windows 7 and Office 2010 EOL (January and October 2020, respectively) and upgrade to a modern desktop.

Enroll in Windows Analytics, activate Upgrade Readiness, onboard your devices, and upgrade to the latest version of Windows.

Plan and execute your first Windows AutoPilot deployment.

Get familiar with the new Microsoft 365 admin center experience.

Start using the Security & Compliance Center and the Compliance Manager to track regulatory compliance and controls.

And don’t forget, Microsoft FastTrack is available to help guide you on your path to IT management simplification with Microsoft 365.

There is a real elegance in simplifying; it means having fewer things to manage, configure, integrate, secure, and (simply put) break down. This means fewer things that can go wrong and there are fewer places where a misconfiguration can create an entry point for an attacker. Now you have both a better user experience and improved IT control.

Simplified IT means better security at a lower cost, and more productivity with less risk.